Why Are There PCI Policy Templates?
InfoSecure’s Founder, Patrick Bass, explains the need for a competent PCI Policy Template Has Never Been More Pronounced!
In Fact, until now, organizations had to struggle with the complex documentation requirements associated with PCI DSS compliance. Likewise, those entities attempting to comply with the requirements established by Experian’s Third Party Assessment program, or EI3PA, had similar concerns. This was a common theme for those complying with HIPAA/HITECH and ISO 27001. The main issue was that each of these security models required specific and complex documentation.
I started InfoSecure in early 2014 by creating the first comprehensive PCI Policy Template. Back then, the requirement was still based on PCI DSS 2.0; however, we quickly upgraded the Policy Template to support PCI DSS 3.0. Today, our PCI Toolkit supports the latest requirement which is currently PCI DSS 3.2 revision 1. InfoSecure will always maintain the Policy Templates and make sure that whatever the security model, our Toolkit is current with the latest standard.
As an accomplished auditor with over 25 years of field experience, I knew that solid documentation was a key factor in an organization’s compliance and security posture. One of the problems I often observed was that organizations didn’t have the time or expertise required to create all of the documentation required for compliance purposes. That’s exactly with InfoSecure’s Policy Toolkit are so important. Our Toolkits contain Policy Template documents that are created specifically for customization. Our Policy Templates contain all of the identified documentation requirements in a given security model. Currently, we have policy templates for PCI DSS, EI3PA, HIPAA/HITECH, aad ISO 27001.
Our templates are available for online purchase and immediate download. For PCI DSS and EI3PA, we offer a Bronze, Silver, and Gold package. Each of these packages contains policy templates and start out at the low price of only $299. I encourage you to carefully review these packages to determine which is best for your organization. Our HIPAA and ISO policy templates are also available, however, given the unique compliance requirements, each security model has a single package for purchase.